mirror of
https://gitlab.crans.org/bde/nk20
synced 2024-11-26 18:37:12 +00:00
Certbot and Nginx disappeared in Ansible conf
This commit is contained in:
parent
b63fa19644
commit
a64dc9ffc2
21
ansible/roles/4-certbot/tasks/main.yml
Normal file
21
ansible/roles/4-certbot/tasks/main.yml
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
---
|
||||||
|
- name: Install basic APT packages
|
||||||
|
apt:
|
||||||
|
update_cache: true
|
||||||
|
name:
|
||||||
|
- certbot
|
||||||
|
- python3-certbot-nginx
|
||||||
|
register: pkg_result
|
||||||
|
retries: 3
|
||||||
|
until: pkg_result is succeeded
|
||||||
|
|
||||||
|
- name: Create /etc/letsencrypt/conf.d
|
||||||
|
file:
|
||||||
|
path: /etc/letsencrypt/conf.d
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Add Certbot configuration
|
||||||
|
template:
|
||||||
|
src: "letsencrypt/conf.d/nk20.ini.j2"
|
||||||
|
dest: "/etc/letsencrypt/conf.d/nk20.ini"
|
||||||
|
mode: 0644
|
@ -0,0 +1,20 @@
|
|||||||
|
{{ ansible_managed | comment }}
|
||||||
|
|
||||||
|
# To generate the certificate, please use the following command
|
||||||
|
# certbot --config /etc/letsencrypt/conf.d/nk20.ini certonly
|
||||||
|
|
||||||
|
# Use a 4096 bit RSA key instead of 2048
|
||||||
|
rsa-key-size = 4096
|
||||||
|
|
||||||
|
# Always use the staging/testing server
|
||||||
|
# server = https://acme-staging.api.letsencrypt.org/directory
|
||||||
|
|
||||||
|
# Uncomment and update to register with the specified e-mail address
|
||||||
|
email = notekfet2020@lists.crans.org
|
||||||
|
|
||||||
|
# Uncomment to use a text interface instead of ncurses
|
||||||
|
text = True
|
||||||
|
|
||||||
|
# Use DNS-01 challenge
|
||||||
|
authenticator = nginx
|
||||||
|
|
44
ansible/roles/5-nginx/tasks/main.yml
Normal file
44
ansible/roles/5-nginx/tasks/main.yml
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
---
|
||||||
|
- name: Install NGINX
|
||||||
|
apt:
|
||||||
|
name: nginx
|
||||||
|
register: pkg_result
|
||||||
|
retries: 3
|
||||||
|
until: pkg_result is succeeded
|
||||||
|
|
||||||
|
- name: Copy conf of Nginx
|
||||||
|
template:
|
||||||
|
src: "nginx_note.conf"
|
||||||
|
dest: /etc/nginx/sites-available/nginx_note.conf
|
||||||
|
mode: 0644
|
||||||
|
owner: www-data
|
||||||
|
group: www-data
|
||||||
|
|
||||||
|
- name: Enable Nginx site
|
||||||
|
file:
|
||||||
|
src: /etc/nginx/sites-available/nginx_note.conf
|
||||||
|
dest: /etc/nginx/sites-enabled/nginx_note.conf
|
||||||
|
owner: www-data
|
||||||
|
group: www-data
|
||||||
|
state: link
|
||||||
|
|
||||||
|
- name: Disable default Nginx site
|
||||||
|
file:
|
||||||
|
dest: /etc/nginx/sites-enabled/default
|
||||||
|
state: absent
|
||||||
|
|
||||||
|
- name: Copy conf of UWSGI
|
||||||
|
file:
|
||||||
|
src: /var/www/note_kfet/uwsgi_note.ini
|
||||||
|
dest: /etc/uwsgi/apps-enabled/uwsgi_note.ini
|
||||||
|
state: link
|
||||||
|
|
||||||
|
- name: Reload Nginx
|
||||||
|
systemd:
|
||||||
|
name: nginx
|
||||||
|
state: reloaded
|
||||||
|
|
||||||
|
- name: Restart UWSGI
|
||||||
|
systemd:
|
||||||
|
name: uwsgi
|
||||||
|
state: restarted
|
Loading…
Reference in New Issue
Block a user